const User = require('../models/User');

const authMiddleware = {
  adminRequired: async (req, res, next) => {
    try {
      if (!req.session.user) {
        return res.redirect('/admin/login');
      }
      
      const user = await User.findById(req.session.user._id);
      if (!user || user.role !== 'admin') {
        return res.redirect('/admin/login');
      }
      
      next();
    } catch (err) {
      console.error(err);
      res.status(500).send('服务器错误');
    }
  }
};

module.exports = authMiddleware;